E-MailRelay
Static Public Member Functions | List of all members
GAuth::Cram Class Reference

Implements the standard challenge-response authentication mechanism of RFC-2195. More...

#include <gcram.h>

Static Public Member Functions

static std::string response (std::string_view hash_type, bool hmac, const Secret &secret, std::string_view challenge, std::string_view response_prefix)
 Constructs a response to a challenge comprising the response-prefix, space, and digest-or-hmac of secretkey-plus-challenge. More...
 
static std::string id (std::string_view response)
 Returns the leading id part of the response. More...
 
static bool validate (std::string_view hash_type, bool hmac, const Secret &secret, std::string_view challenge, std::string_view response)
 Validates the response with respect to the original challenge. More...
 
static G::StringArray hashTypes (std::string_view prefix={}, bool require_state=false)
 Returns a list of supported hash types, such as "MD5" and "SHA1", ordered with the strongest first. More...
 
static std::string challenge (unsigned int random, const std::string &challenge_domain)
 Returns a challenge string that incorporates the given random number and the current time. More...
 

Detailed Description

Implements the standard challenge-response authentication mechanism of RFC-2195.

The response can be built from a simple digest or a hmac. It comprises the userid, followed by a space, followed by the printable digest or hmac. This is normally base64 encoded at higher protocol levels.

A hmac is (roughly) the hash of (1) the single-block shared key and (2) the hash of (2a) the single-block shared key and (2b) the challenge. The two intermediate hash states of stages (1) and (2a) can be stored instead of the the plaintext key (see GAuth::Secret::masked()).

Definition at line 51 of file gcram.h.

Member Function Documentation

◆ challenge()

std::string GAuth::Cram::challenge ( unsigned int  random,
const std::string &  challenge_domain 
)
static

Returns a challenge string that incorporates the given random number and the current time.

Definition at line 227 of file gcram.cpp.

◆ hashTypes()

G::StringArray GAuth::Cram::hashTypes ( std::string_view  prefix = {},
bool  require_state = false 
)
static

Returns a list of supported hash types, such as "MD5" and "SHA1", ordered with the strongest first.

Optionally adds a prefix to each type, and optionally limits the list to those hash functions that support initialisation with intermediate state.

Definition at line 201 of file gcram.cpp.

◆ id()

std::string GAuth::Cram::id ( std::string_view  response)
static

Returns the leading id part of the response.

Returns the empty string on error.

Definition at line 143 of file gcram.cpp.

◆ response()

std::string GAuth::Cram::response ( std::string_view  hash_type,
bool  hmac,
const Secret secret,
std::string_view  challenge,
std::string_view  response_prefix 
)
static

Constructs a response to a challenge comprising the response-prefix, space, and digest-or-hmac of secretkey-plus-challenge.

Returns an empty string on error; does not throw.

Definition at line 98 of file gcram.cpp.

◆ validate()

bool GAuth::Cram::validate ( std::string_view  hash_type,
bool  hmac,
const Secret secret,
std::string_view  challenge,
std::string_view  response 
)
static

Validates the response with respect to the original challenge.

Returns false on error; does not throw.

Definition at line 119 of file gcram.cpp.


The documentation for this class was generated from the following files: